1872fbe37b323623570ea0125516624d | Triage

Sharing

General

Target

1872fbe37b323623570ea0125516624d
Size

223KB
MD5

1872fbe37b323623570ea0125516624d
SHA1

69e278dc06d390e73d87e15a38b243130f8942d5
SHA256

e475f7fd513fd378b9f0efb7b92e82cf318ce4ee5405017afb29469dd55b3f9a
SHA512

b7d6a3fe1463d907bf4cf1b585dfd8988b40a1268e0d8a5b92d44be85d5164022bbdf8c7cf7f533c4943d9b92d0c27d5b83aee7b928b053bfebff3cd24deb4cf
SSDEEP

6144:eu5pEYtPG3qwwGWBUcjUPIGNurfYVX5QNLd:35GYtEbwG2UcQhNiz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1872fbe37b323623570ea0125516624d

Files

1872fbe37b323623570ea0125516624d
.exe windows:4 windows x86 arch:x86

4e6b463dca2780c3e0e4577017279b3f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ClearCommBreak
GetProfileStringA
GetCommState
VirtualAlloc
GetStdHandle
GetProcessHeap
GlobalCompact
DeleteAtom
GetOEMCP
GlobalFree
ExitThread
GlobalLock
CreateHardLinkA
RaiseException
GetTapeStatus
EnterCriticalSection
GlobalFlags
LoadLibraryExA
WriteProcessMemory
CloseHandle
FindAtomA

user32

GetFocus
GetWindowTextA
ShowWindow
GetForegroundWindow
GetActiveWindow
CloseWindow
GetWindowTextLengthA
IsIconic
GetDC
GetParent
RegisterClassA
ValidateRect
GetClassNameA
ReleaseDC
DrawEdge
GetWindow
EndPaint
BeginPaint
GetClassInfoExA

wsock32

WSAAsyncSelect
WSAIsBlocking
WSAGetLastError
WSACleanup
WSAStartup

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ